bpf.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx()
@ 2023-01-18  8:46 Hou Tao
  2023-01-18 17:57 ` Yonghong Song
  2023-01-19  2:50 ` patchwork-bot+netdevbpf
  0 siblings, 2 replies; 4+ messages in thread
From: Hou Tao @ 2023-01-18  8:46 UTC (permalink / raw)
  To: bpf
  Cc: Martin KaFai Lau, Andrii Nakryiko, Song Liu, Hao Luo,
	Yonghong Song, Alexei Starovoitov, Daniel Borkmann, KP Singh,
	Stanislav Fomichev, Jiri Olsa, John Fastabend, houtao1

From: Hou Tao <houtao1@huawei.com>

According to the definition of sizes[NUM_CACHES], when the size passed
to bpf_mem_cache_size() is 256, it should return 6 instead 7.

Fixes: 7c8199e24fa0 ("bpf: Introduce any context BPF specific memory allocator.")
Signed-off-by: Hou Tao <houtao1@huawei.com>
---
 kernel/bpf/memalloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/bpf/memalloc.c b/kernel/bpf/memalloc.c
index ebcc3dd0fa19..1db156405b68 100644
--- a/kernel/bpf/memalloc.c
+++ b/kernel/bpf/memalloc.c
@@ -71,7 +71,7 @@ static int bpf_mem_cache_idx(size_t size)
 	if (size <= 192)
 		return size_index[(size - 1) / 8] - 1;
 
-	return fls(size - 1) - 1;
+	return fls(size - 1) - 2;
 }
 
 #define NUM_CACHES 11
-- 
2.29.2


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx()
  2023-01-18  8:46 [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx() Hou Tao
@ 2023-01-18 17:57 ` Yonghong Song
  2023-01-19  2:43   ` Alexei Starovoitov
  2023-01-19  2:50 ` patchwork-bot+netdevbpf
  1 sibling, 1 reply; 4+ messages in thread
From: Yonghong Song @ 2023-01-18 17:57 UTC (permalink / raw)
  To: Hou Tao, bpf
  Cc: Martin KaFai Lau, Andrii Nakryiko, Song Liu, Hao Luo,
	Yonghong Song, Alexei Starovoitov, Daniel Borkmann, KP Singh,
	Stanislav Fomichev, Jiri Olsa, John Fastabend, houtao1



On 1/18/23 12:46 AM, Hou Tao wrote:
> From: Hou Tao <houtao1@huawei.com>
> 
> According to the definition of sizes[NUM_CACHES], when the size passed
> to bpf_mem_cache_size() is 256, it should return 6 instead 7.

More importantly, e.g., if the size is 4096, illegal memory access may 
happen.

> 
> Fixes: 7c8199e24fa0 ("bpf: Introduce any context BPF specific memory allocator.")
> Signed-off-by: Hou Tao <houtao1@huawei.com>

Acked-by: Yonghong Song <yhs@fb.com>

> ---
>   kernel/bpf/memalloc.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/bpf/memalloc.c b/kernel/bpf/memalloc.c
> index ebcc3dd0fa19..1db156405b68 100644
> --- a/kernel/bpf/memalloc.c
> +++ b/kernel/bpf/memalloc.c
> @@ -71,7 +71,7 @@ static int bpf_mem_cache_idx(size_t size)
>   	if (size <= 192)
>   		return size_index[(size - 1) / 8] - 1;
>   
> -	return fls(size - 1) - 1;
> +	return fls(size - 1) - 2;
>   }
>   
>   #define NUM_CACHES 11

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx()
  2023-01-18 17:57 ` Yonghong Song
@ 2023-01-19  2:43   ` Alexei Starovoitov
  0 siblings, 0 replies; 4+ messages in thread
From: Alexei Starovoitov @ 2023-01-19  2:43 UTC (permalink / raw)
  To: Yonghong Song
  Cc: Hou Tao, bpf, Martin KaFai Lau, Andrii Nakryiko, Song Liu,
	Hao Luo, Yonghong Song, Alexei Starovoitov, Daniel Borkmann,
	KP Singh, Stanislav Fomichev, Jiri Olsa, John Fastabend, Hou Tao

On Wed, Jan 18, 2023 at 9:58 AM Yonghong Song <yhs@meta.com> wrote:
>
> >
> > -     return fls(size - 1) - 1;
> > +     return fls(size - 1) - 2;

Wow. Thanks.
Not sure how I missed it and why the tests didn't catch it.
test_maps goes through many key/value sizes.

Applied.

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx()
  2023-01-18  8:46 [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx() Hou Tao
  2023-01-18 17:57 ` Yonghong Song
@ 2023-01-19  2:50 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 4+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-01-19  2:50 UTC (permalink / raw)
  To: Hou Tao
  Cc: bpf, martin.lau, andrii, song, haoluo, yhs, ast, daniel, kpsingh,
	sdf, jolsa, john.fastabend, houtao1

Hello:

This patch was applied to bpf/bpf.git (master)
by Alexei Starovoitov <ast@kernel.org>:

On Wed, 18 Jan 2023 16:46:30 +0800 you wrote:
> From: Hou Tao <houtao1@huawei.com>
> 
> According to the definition of sizes[NUM_CACHES], when the size passed
> to bpf_mem_cache_size() is 256, it should return 6 instead 7.
> 
> Fixes: 7c8199e24fa0 ("bpf: Introduce any context BPF specific memory allocator.")
> Signed-off-by: Hou Tao <houtao1@huawei.com>
> 
> [...]

Here is the summary with links:
  - [bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx()
    https://git.kernel.org/bpf/bpf/c/36024d023d13

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-01-19  2:50 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-18  8:46 [PATCH bpf] bpf: Fix off-by-one error in bpf_mem_cache_idx() Hou Tao
2023-01-18 17:57 ` Yonghong Song
2023-01-19  2:43   ` Alexei Starovoitov
2023-01-19  2:50 ` patchwork-bot+netdevbpf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).